Thanks for the hint. BTW do you have any links to info about
how to implement magic Microsoft OID's - Google search did not give
much :-(
The authentication for the topology
access-point <-> pdc (also freeradius)
works and certificates for the proxy are generated in the similar way.
I have expected
that access-point <-> proxy <-> pdc toplogy should also work.
Furthermore, the same happens with the EAP-TTLS (SecureW2 supplicant) and
in both EAP-methods all "verify server certificates" are unchecked on
the supplicant site.
--Wladyslaw Pietraszek
Alan DeKok wrote:
Wladyslaw Pietraszek <[EMAIL PROTECTED]> wrote:
Authentication when access-points use 'pdc' directly works fine for
EAP-PEAP/TTLS.
Authentication for the topology
access-point <-> proxy <-> pdc
fails. Probably supplicant/access-point ignores "access-challenge (EAP)"
response.
The reason that happens is most likely that the proxy server
certificates don't contain the magic Microsoft OID's.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html